Practice statement of the CCA
According to the Law of Ukraine "On Electronic identification and electronic Trust Services", the Central Certification Authority provides qualified electronic trust services for creation, verification and validation of a qualified certificate of electronic signature or seal to the qualified trust services providers using a self -signed certificate of the public key.
At the same time, organizational and methodological, technical and technological conditions of activity of the Central Certification Authority while providing a qualified electronic trust service of creation, verification and validation of the qualified certificate of electronic signature or seal, and the order of interaction of the qualified trust services providers with the Central Certification Authority during the process of creation, verification and validation of the qualified certificate of electronic signature or seal are established by the of Practice statement the Central Certification Authority.
The Practice statement of the Central Certification Authority is binding for legal entities and natural persons - entrepreneurs who intend to provide electronic trust services and for qualified trust services providers.
The Central Certification Authority Practice statement does not apply to trust service providers who do not intend to provide qualified electronic trust services, as well as to the providers who intend to provide qualified trust services in the banking sphere and during the transfer of funds.
According to the requirements of the legislation, the Practice statement contains:
- general information about the provider the Central Certification Authority (name; code in the Unified State Register of Enterprises and Organizations of Ukraine; Location, Phone Number, Email Website);
- a list of qualified electronic trust services, the provision of which is provided by the Central Certification Authority;
- a list of positions of employees whose duties are directly related to the provision of qualified electronic trust services and the functions of such employees;
- certificate policy and certification practices;
- description of procedures and processes that are performed while providing qualified electronic trust services that do not include the creation and technical support of qualified public key certificates.
The Practice statement is approved by the head of the Central Certification Authority - the Minister of Digital Transformation of Ukraine and agreed with the controlling body - the State Service of Special Communications and Information Protection of Ukraine.
The text of the Practice statement of the Central Certification Authority can be found at the link: